<?php
    @session_start();
    require_once 'shared-functions.php';
    require_once 'session.php';
    require_once 'masterpage.php';
    
    if(!IsValidSession())
    {
        header('Location: login.php?page=edit-assignments');
        exit();
    }
    else
    {
    	RefreshSession();
    }

    $user = GetCurrentUserAccessLevel();

    //Check user access
    if($user == $STUDENT || $user == $LIBRARIAN)
    {
        header('Location: login.php?page=edit-assignments&error=Insufficient privileges to access to the edit assignments page&logout=1');
        exit();
    }

    masterpage("Edit Assignments");
	
	
	echo '<form action="manage-assignments.php" method="post">';
	echo '<input type="hidden" name="CourseInstance" value="' . $_POST['CourseInstance'] . '"/>';
	echo '<input type="submit" value="&lt;&lt; Back to Manage Assignments" />';
	echo '</form>';
	
	
	if (isset($_POST['ItemID']) )
	{
		$id = (int)$_POST['ItemID'];
	}
	else
	{
		echo "<br/><br/>Oops, a courseID was not received.";
		exit();
	}
	
	if (isset($_POST['submitted']))
	{
		$link = connect_db();
		$query = "UPDATE `CourseWork` SET `ItemName` = '{$_POST['AssignmentName']}', `ItemDescription` = '{$_POST['AssignmentDesc']}', `MaxPoints` = '{$_POST['MaxPoints']}', `Weight` = '{$_POST['Weight']}' WHERE `ItemID` = $id;";
		mysql_query($query, $link);
		if (mysql_affected_rows())
			echo "<br/><br/>Assignment Edited";
		else
			echo "<br/><br/>Assignment not edited";
	}
	else
	{
		$link = connect_db();
		$query = "SELECT `ItemID`, `ItemName`, `ItemDescription`, `MaxPoints`, `Weight` FROM `CourseWork` WHERE `ItemID` = $id;";
		$courses = mysql_query($query,$link);
		if(!$courses)
		{
			echo "<br/><br/>Oops...something went wrong. Please contact support.";
			exit();
		}
		
		$tblrow = mysql_fetch_array($courses,MYSQL_BOTH);
		
		echo "<form action='edit-assignments.php?id=$id' method='POST'>";
		echo '<input type="hidden" name="CourseInstance" value="' . $_POST['CourseInstance'] . '"/>';
		echo '<input type="hidden" name="ItemID" value="' . $_POST['ItemID'] . '"/>';
		echo "	<p>Assignment Name:<br/><input type='text' name='AssignmentName' value='{$tblrow['ItemName']}'/></p>";
		echo "	<p>Description:<br/><textarea name='AssignmentDesc' rows='3' cols='70'>{$tblrow['ItemDescription']}</textarea></p>";
		echo "	<p>Max Points:<br/><input type='text' name='MaxPoints' value='{$tblrow['MaxPoints']}'/></p>";
		echo "	<p>Weight:<br/><input type='text' name='Weight' value='{$tblrow['Weight']}'/></p>";
		echo "	<input type='submit'><input type='hidden' value='1' name='submitted'/>";
		echo "</form>";
	}
    
    endmasterpage();
?>

